Access to some transport systems is controlled using near-field communication (NFC) based chip cards carried by passengers and reader devices mounted at entrances and/or exits. Some metro systems have automatic gates that open when a chip card is validated. In identity-based systems, user identities are stored and associated with respective user accounts and electronic tickets. The use of public transport is charged to the respective user account when use of an electronic ticket at a gate is observed.
In identity-based systems, the user identity itself is not used as the ticket, so as to mitigate the risk of identity theft by someone who electronically eavesdrops on the communication between readers and electronic tickets. Instead, electronic tickets are produced such that the user identity is not derivable from the ticket.
There are various techniques to validate electronic tickets. In the simplest case, the chip card sends the ticket to a reader, which passes it to an authentication server. The authentication server checks that the ticket is valid, informs the reader of the result, and updates its records so that the ticket in question is no longer valid, so that a captured ticket cannot be replayed. In some more sophisticated systems, there is a prior step in which the reader authenticates itself to the chip card, so as to avoid a man-in-the-middle attack in which some other device imitates the reader and steals the ticket, e.g. when in proximity of an NFC chip card. While such a theft requires proximity to the NFC chip card, rush hours in metro trains provide plenty of opportunities for close contact with others' NFC chip cards.
In some identity-based NFC chip card ticketing systems, the chip card authenticates itself to the reader over the NFC interface using standardized cryptographic techniques such as public key infrastructure (PKI), challenge-response exchanges, common time references and one-way hashing.
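The following Python model is an added illustration of the three mechanisms described above (opaque tickets that reveal no identity, server-side validation that consumes the ticket, and mutual challenge-response between card and reader); it is not code from the original description or from any real ticketing system. HMAC-based symmetric challenge-response stands in for the PKI-based authentication mentioned in the text, an integer clock stands in for the common time reference, and all names, keys, fare amounts and message layouts are assumptions made for the example.

```python
import hashlib
import hmac
import secrets


def mac(key, *parts):
    """Keyed one-way function used for every challenge/response step."""
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()


class Card:
    """NFC chip card: releases a ticket only to a reader that proves itself first."""
    def __init__(self, card_id, card_key, reader_key):
        self.card_id = card_id          # pseudonym, never the user identity
        self.card_key = card_key
        self.reader_key = reader_key    # lets the card check a reader's proof
        self.tickets = []

    def tap(self, reader, now):
        # 1. Card challenges the reader; a device without the reader key
        #    cannot answer, so no ticket is released to it (anti-MITM step).
        nonce = secrets.token_bytes(16)
        reader_id, proof = reader.prove(nonce)
        if not self.tickets or not hmac.compare_digest(
                mac(self.reader_key, nonce, reader_id), proof):
            return False
        # 2. Reader challenges the card; the response binds ticket to card key.
        token = self.tickets.pop()
        challenge = reader.challenge()
        return reader.submit(token, challenge, mac(self.card_key, challenge, token), now)


class Reader:
    """Gate-mounted reader; relays the exchange to the authentication server."""
    def __init__(self, reader_id, reader_key, server):
        self.reader_id, self.reader_key, self.server = reader_id, reader_key, server
        self.last = None                # last exchange seen on the NFC link

    def prove(self, nonce):
        return self.reader_id, mac(self.reader_key, nonce, self.reader_id)

    def challenge(self):
        return secrets.token_bytes(16)

    def submit(self, token, challenge, response, now):
        self.last = (token, challenge, response)
        return self.server.validate(token, challenge, response, now)


class AuthServer:
    """Back end: owns identities, balances and the ticket -> card mapping."""
    def __init__(self, fare, reader_key):
        self.fare, self.reader_key = fare, reader_key
        self.accounts = {}   # user_id -> balance
        self.cards = {}      # card_id -> (user_id, card_key)
        self.tickets = {}    # opaque token -> (card_id, expiry)

    def enrol(self, user_id, balance):
        self.accounts[user_id] = balance
        card_id, card_key = secrets.token_hex(8), secrets.token_bytes(32)
        self.cards[card_id] = (user_id, card_key)
        return Card(card_id, card_key, self.reader_key)

    def issue_ticket(self, card, now, ttl):
        # Random token: the identity is not derivable from it; the link to the
        # account exists only in self.tickets on the server.
        token = secrets.token_bytes(16)
        self.tickets[token] = (card.card_id, now + ttl)
        card.tickets.append(token)

    def validate(self, token, challenge, response, now):
        entry = self.tickets.get(token)
        if entry is None:
            return False                # unknown, or already consumed (replay)
        card_id, expiry = entry
        user_id, card_key = self.cards[card_id]
        if now > expiry:
            del self.tickets[token]     # stale ticket is useless, drop it
            return False
        if not hmac.compare_digest(mac(card_key, challenge, token), response):
            return False                # wrong card key; keep ticket for the real card
        del self.tickets[token]         # consume: a second validation must fail
        self.accounts[user_id] -= self.fare
        return True


def demo():
    """Constructed scenarios (not real data); returns their outcomes."""
    reader_key = secrets.token_bytes(32)
    server = AuthServer(fare=3, reader_key=reader_key)
    card = server.enrol("alice", balance=10)
    gate = Reader(b"gate-17", reader_key, server)
    rogue = Reader(b"gate-17", secrets.token_bytes(32), server)  # lacks genuine key
    server.issue_ticket(card, now=1000, ttl=600)
    first = card.tap(gate, now=1100)                  # genuine use, account charged
    replay = server.validate(*gate.last, now=1200)   # eavesdropped exchange replayed
    server.issue_ticket(card, now=1000, ttl=600)
    rogue_tap = card.tap(rogue, now=1100)             # impostor reader gets nothing
    kept = len(card.tickets) == 1                     # ticket stays on the card
    expired = card.tap(gate, now=2000)                # genuine reader, stale ticket
    return {"first": first, "replay": replay, "rogue": rogue_tap,
            "kept_after_rogue": kept, "expired": expired,
            "balance": server.accounts["alice"]}
```

Two design points worth noting in the model: the server consumes a ticket only after the card's response verifies, so an eavesdropper who captured a token but not the card key cannot burn the legitimate passenger's ticket by submitting it first; and the token carries no identity, so what crosses the NFC link is useful to an attacker only for the few minutes until it is spent or expires.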